Date: Monday, December 14, 2009 @ 21:52:11 Author: allan Revision: 61275
Merged revisions 61274 via svnmerge from svn+ssh://gerolde.archlinux.org/srv/svn-packages/expat/trunk ........ r61274 | allan | 2009-12-15 12:51:10 +1000 (Tue, 15 Dec 2009) | 2 lines upgpkg: expat 2.0.1-4 fix CVE-2009-3720 ........ Added: expat/repos/testing-i686/CVE-2009-3720.patch (from rev 61274, expat/trunk/CVE-2009-3720.patch) Modified: expat/repos/testing-i686/ (properties) expat/repos/testing-i686/PKGBUILD ---------------------+ CVE-2009-3720.patch | 12 ++++++++++++ PKGBUILD | 9 ++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) Property changes on: expat/repos/testing-i686 ___________________________________________________________________ Modified: svnmerge-integrated - /expat/trunk:1-61198 + /expat/trunk:1-61274 Copied: expat/repos/testing-i686/CVE-2009-3720.patch (from rev 61274, expat/trunk/CVE-2009-3720.patch) =================================================================== --- testing-i686/CVE-2009-3720.patch (rev 0) +++ testing-i686/CVE-2009-3720.patch 2009-12-15 02:52:11 UTC (rev 61275) @@ -0,0 +1,12 @@ +diff -urNad trunk~/lib/xmltok_impl.c trunk/lib/xmltok_impl.c +--- trunk~/lib/xmltok_impl.c 2006-11-26 18:34:46.000000000 +0100 ++++ trunk/lib/xmltok_impl.c 2009-10-22 21:42:41.000000000 +0200 +@@ -1744,7 +1744,7 @@ + const char *end, + POSITION *pos) + { +- while (ptr != end) { ++ while (ptr < end) { + switch (BYTE_TYPE(enc, ptr)) { + #define LEAD_CASE(n) \ + case BT_LEAD ## n: \ Modified: testing-i686/PKGBUILD =================================================================== --- testing-i686/PKGBUILD 2009-12-15 02:51:10 UTC (rev 61274) +++ testing-i686/PKGBUILD 2009-12-15 02:52:11 UTC (rev 61275) @@ -4,7 +4,7 @@ pkgname=expat pkgver=2.0.1 -pkgrel=3 +pkgrel=4 pkgdesc="An XML Parser library written in C" arch=('i686' 'x86_64') url="http://expat.sourceforge.net/" @@ -12,13 +12,16 @@ depends=('glibc') options=('!libtool') source=(http://downloads.sourceforge.net/sourceforge/expat/${pkgname}-${pkgver}.tar.gz - CVE-2009-3560.patch) + CVE-2009-3560.patch + CVE-2009-3720.patch) md5sums=('ee8b492592568805593f81f8cdf2a04c' - '50aa6f7693fda07f4720a0495d12e695') + '50aa6f7693fda07f4720a0495d12e695' + 'f3eeb796f28945899216b815e5901996') build() { cd "${srcdir}/${pkgname}-${pkgver}" patch -Np1 -i $srcdir/CVE-2009-3560.patch + patch -Np1 -i $srcdir/CVE-2009-3720.patch ./configure --prefix=/usr --mandir=/usr/share/man || return 1 make || return 1 make DESTDIR="${pkgdir}" install || return 1